translation/templating
diff --git a/index.php b/index.php
index cdc78ec..340a22e 100755
--- a/index.php
+++ b/index.php
@@ -7,6 +7,16 @@
if (!$DEBUG) error_reporting(0);
session_start();
+$INCLUDE_STRINGS_PATH = "templates_".$LANG_CC;
+if (isset($LANG_CC) && !empty($LANG_CC)) $TEMPLATE = $INCLUDE_STRINGS_PATH;
+else $TEMPLATE = "templates";
+
+include_once $TEMPLATE.'/strings.php';
+
+if(!file_exists(stream_resolve_include_path($INCLUDE_STRINGS_PATH.'/strings.php'))){
+ echo format($RUNTIME_ERROR->template_not_found, ["template"=>$INCLUDE_STRINGS_PATH, "langcc"=>$LANG_CC]);
+}
+
use Gregwar\Captcha\PhraseBuilder;
@@ -14,14 +24,14 @@
function register_page($error=false){
include 'config.php';
if ($error)
- include 'html/error.htm';
+ include $TEMPLATE.'/error.htm';
$_SESSION["captcha_token"] = generateRandomString(12);
- include "html/register.htm";
+ include $TEMPLATE."/register.htm";
echo '
<script>
const reload_captcha = async (e) => {
var cont = document.getElementById("reload_captcha");
- cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>Loading...</span></div>";
+ cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>'.$STRINGS->reloading_captcha.'</span></div>";
var img = document.getElementById("captcha")
var url = "'.$BASE_URL.'/captcha.php?token='.$_SESSION["captcha_token"].'"
await fetch(url, { cache: "reload", mode: "no-cors" })
@@ -45,129 +55,17 @@
function verify_request($user){
unset($_SESSION['captcha_token']);
- include "config.php";
- $error = "";
- if (ldap_user_count($user->user_name)) {
- $error = $error."This username is already in use! Please choose another username<br>";
- unset($_POST["username"]);
- }
- if (preg_match("/\s/", $user->user_name)) {
- $error = $error."Username cannot contain whitespaces<br>";
- unset($_POST["username"]);
- }
- if (strlen($user->user_name) > $VAL_USER->max_username) {
- $error = $error."Username has to be smaller than ".($VAL_USER->max_username+1)." characters<br>";
- unset($_POST["username"]);
- }
- if (strlen($user->user_name) < $VAL_USER->min_username) {
- $error = $error."Username has to be bigger than ".($VAL_USER->min_username-1)." characters<br>";
- unset($_POST["username"]);
- }
- if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/',$user->user_name)) {
- $error = $error."The username cannot contain special characters<br>";
- unset($_POST["username"]);
- }
- if (preg_match('/^\d/',$user->user_name)) {
- $error = $error."The username cannot begin with a number<br>";
- unset($_POST["username"]);
- }
- include "blacklists/usernames.php";
- if(in_array($user->user_name, $USERNAME_BLACKLIST)) {
- $error = $error."That Username is not allowed!<br>";
- unset($_POST["username"]);
- }
-
-
- if (preg_match("/\s/", $user->name)) {
- $error = $error."First Name cannot contain whitespaces<br>";
- unset($_POST["name"]);
- }
- if (strlen($user->name) > $VAL_USER->max_first_name) {
- $error = $error."First Name has to be smaller than ".($VAL_USER->max_first_name+1)." characters<br>";
- unset($_POST["name"]);
- }
- if (strlen($user->name) < $VAL_USER->min_first_name) {
- $error = $error."First Name has to be bigger than ".($VAL_USER->min_first_name-1)." characters<br>";
- unset($_POST["name"]);
- }
- if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\0-9]/',$user->name)) {
- $error = $error."The first name cannot contain special characters or numbers<br>";
- unset($_POST["name"]);
- }
-
-
- if (preg_match("/\s/", $user->last_name)) {
- $error = $error."Last Name cannot contain whitespaces<br>";
- unset($_POST["last_name"]);
- }
- if (strlen($user->last_name) > $VAL_USER->max_last_name) {
- $error = $error."Last Name has to be smaller than ".($VAL_USER->max_last_name+1)." characters<br>";
- unset($_POST["last_name"]);
- }
- if (strlen($user->last_name) < $VAL_USER->min_last_name) {
- $error = $error."Last Name has to be bigger than ".($VAL_USER->min_last_name-1)." characters<br>";
- unset($_POST["last_name"]);
- }
- if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\ 0-9]/',$user->last_name)) {
- $error = $error."The last name cannot contain special characters or numbers<br>";
- unset($_POST["last_name"]);
- }
-
-
- if (ldap_mail_count($user->email)) {
- $error = $error."This email is already has an account. Did you forget your password?<br>";
- unset($_POST["email"]);
- }
- if (!filter_var($user->email, FILTER_VALIDATE_EMAIL)) {
- $error = $error."Invalid email format<br>";
- unset($_POST["email"]);
- }elseif(in_array(explode("@", $user->email)[1], $MAIL_HOST_BLACKLIST )){
- $error = $error."This email service is not allowed<br>";
- unset($_POST["email"]);
- }
- $pending = redis_get("pending");
- if ($pending){
- $maillist = $pending->mails;
- if (in_array($user->email, $maillist)){
- $error = $error."This email is already pending approval, check your mailbox or try to register with a different email<br>";
- unset($_POST["email"]);
- }
- }
-
-
- if ($_POST["password"] != $_POST["password_confirm"]) {;
- $error = $error."Passwords do not match!<br>";
- unset($_POST["password_confirm"]);
- }
+ include_once 'validators.php';
+ include_once $TEMPLATE.'/strings.php';
$password = $_POST["password"];
- if (strlen($password) < $VAL_USER->min_password) {
- $error = $error."Password should have at least ".$VAL_USER->min_password." characters<br>";
- unset($_POST["password"]);
- unset($_POST["password_confirm"]);
- }
- if (strlen($password) > $VAL_USER->max_password) {
- $error = $error."Your password is too big!<br>";
- unset($_POST["password"]);
- unset($_POST["password_confirm"]);
- }
- include "blacklists/password.php";
- if(in_array($password, $PASSWORD_BLACKLIST)) {
- $error = $error."That password is not allowed!<br>";
- unset($_POST["password"]);
- unset($_POST["password_confirm"]);
- }
- foreach (array("username", "name", "last_name", "email") as &$field) {
- if (!isset($_POST[$field]))
- continue;
- $value = strtoupper($_POST[$field]);
- $PASSWORD = strtoupper($password);
- if(strpos($value, $PASSWORD) !== false || strpos($PASSWORD, $value) !== false){
- $error = $error."Your password cannot contain any of your names or email neither the names can contain the password<br>";
- unset($_POST["password"]);
- unset($_POST["password_confirm"]);
- break;
- }
- }
+ $error = "";
+
+ $error .= validate_username($user->user_name);
+ $error .= validate_name($user->name, $FIRST_NAME_VALIDATION_ERROR);
+ $error .= validate_name($user->last_name, $LAST_NAME_VALIDATION_ERROR);
+ $error .= validate_email($user->email);
+ $error .= validate_password($password);
+
if (!(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
$error = $error."Wrong captcha!<br>";
@@ -179,8 +77,10 @@
function approve_request($user){
include "mail.php";
- echo "<h2>Almost there! Confirm your email</h2>";
- $token = generateRandomString();
+ $token = "";
+ do {
+ $token = generateRandomString();
+ } while (redis_get($token));
redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY);
$pending = redis_get("pending");
if ($pending){
@@ -204,12 +104,12 @@
$_SESSION['resend'] = generateRandomString(12);
$_SESSION['token'] = $token;
$_SESSION['email'] = $user->email;
- echo "<p>Didn't receive anything yet? <a href='".$BASE_URL."/?type=resend&token=".$_SESSION['resend']."'>Click here</a> to resend the confirmation email.</p>";
+ include $TEMPLATE."confirm_your_email.htm";
}
// PAGE
-include "html/header.htm";
+include $TEMPLATE."/header.htm";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
include 'ldap.php';
@@ -218,7 +118,7 @@
case "register":
$user = new User($_POST["username"], $_POST["name"], $_POST["last_name"], $_POST["email"], $_POST["password"]);
if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS){
- include "html/registration_limit.htm";
+ include $TEMPLATE."/registration_limit.htm";
}else{
$error = verify_request($user);
if ($error)
@@ -227,13 +127,15 @@
approve_request($user);
}
break;
+ case "recover":
+ break;
}
}
} elseif (isset($_GET['type'])) {
switch ($_GET['type']) {
case "confirmation":
if (!isset($_GET["token"])){
- echo "INVALID REQUEST!";
+ echo $RUNTIME_ERROR->user_trying_invalid_get;
}else{
include "ldap.php";
$token = $_GET["token"];
@@ -252,22 +154,22 @@
}
}
redis_inc_ipdata(getClientIP(), "register");
- echo "<h1>Email Confirmation</h1>";
- include "html/mail_confirmed.htm";
+ echo $STRINGS->email_confirmation;
+ include $TEMPLATE."/mail_confirmed.htm";
}else{
- echo "<h1>Email Confirmation</h1>";
- include "html/registration_error.htm";
+ echo $STRINGS->email_confirmation;
+ include $TEMPLATE."/registration_error.htm";
}
redis_delete($token);
}else{
- include "html/token_expired.htm";
+ include $TEMPLATE."/token_expired.htm";
}
}
break;
case "resend":
if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']){
include "mail.php";
- include "html/resend_mail.htm";
+ include $TEMPLATE."/resend_mail.htm";
$token = $_SESSION['token'];
$url = $BASE_URL."?type=confirmation&token=".$token;
$smtp = $FALLBACK_SMTP;
@@ -282,6 +184,10 @@
unset($_SESSION['email']);
}
break;
+ case "recover":
+ break;
+ case "confirm_recover":
+ break;
}
@@ -290,5 +196,5 @@
register_page();
}
-include "html/bottom.htm";
+include $TEMPLATE."/bottom.htm";
?>